“Uber Settles Trade-Secrets Case,” The Wall Street Journal, February 10, 2018 B1. Uber pays more than $240 million to settle case, and agrees not to use certain technology on self-driving cars, allegedly belonging to Waymo. The agreement not to use was worth perhaps $250 million.
How does your company make sure it isn’t using a third party’s intellectual property without permission? Is this an important part of your compliance program? How does your company manage its acquisitions of new companies, some of whom (or their employees) may not have been as diligent in avoiding trade secret theft?
How can you prevent people from bringing information that you do not want into your company? What are your processes?
Filed under Board, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Ownership, Ownership, Policy, Protect assets, Protect information assets, Supervision, Third parties, Value, Vendors
Willie Sutton (a famous bank robber) was reportedly asked, “Why do you rob banks?” He reportedly said, “Because that’s where the money is.” https://www.snopes.com/quotes/sutton.asp
“Hackers Plunder Crypto Exchange,” The Wall Street Journal, January 27, 2018 B5. More than $500 million in credits hacked from the Coincheck site in Japan. One assumes virtual banks are easier to rob than brick and mortar banks.
This is a concrete example of the cost of a cyber breach. But it also follows on from an earlier post (Law School Exam Question) equating cash money and information, in terms of value.
If businesses (including the Board of Directors) treated information assets as cash, and managing, protecting, and controlling the organization’s information as currency, would that be “information governance”? Why do they handle information assets differently? Why should the Board and the officers get a pass on this? The shareholders certainly don’t.
Filed under Board, Controls, Corporation, Directors, Duty, Duty of Care, Employees, Governance, Internal controls, IT, Oversight, Oversight, Ownership, Protect, Protect assets, Protect information assets, Security, Third parties, Value
“Battle at CFPB Rages On,” The Wall Street Journal, December 4, 2017 B9. The person who lost in her attempt to seize control of the CFPB despite the appointment of Mick Mulvaney as the head of the agency asks the court to do “a more complete legal assessment of her claims.”
I guess if you don’t like the first decision, you might as well ask again, right?
Governance involves having a clear idea of who governs. I suspect the court will clarify the matter for her and her lawyer.
“Hackers Target Private Data, Network Access of Young Job Seekers,” The Wall Street Journal, August 21, 2017 B5. Job scams continue. Some use fake LinkedIn profiles.
Be careful on the web. When you click, you get what they send, not necessarily what you expect. Control what information you get.
Lot of hacks since then.
I was torn between four different pieces in the WSJ today:
“Big Pay Day for Mylan Chairman,” The Wall Street Journal, May 3, 2017 B3. What does it say when the company that charges $600 for a two-pack of a delivery mechanism for $1.25 worth of epinephrine pay its chairman $100 million? Guess what that culture’s like.
“Molina Healthcare Replaces Top 2 Executives,” The Wall Street Journal, May 3, 2017 B3. Company removes two family members after poor financial returns (but they’ll stay on the Board). Guess charity doesn’t begin at home. Removing someone for poor performance is one thing; next they’ll remove people for violating the law, or company policy. But Thanksgiving’s going to be a bear.
“Beijing Places Curbs On Online New Portals,” The Wall Street Journal, May 3, 2017 B4. Managing information includes denying access to it. So much for net neutrality.
But I decided to go with “Berkshire Faces Pressure Over Political Disclosure,” The Wall Street Journal, May 3, 2017 B5. Vote on whether the company should disclose the amount of political contributions it makes, and to whom. Were I a shareholder, I might ask whether those expenditures were for the benefit of the company or for the benefit of incumbent management. But shouldn’t shareholders be able to ask the question and get the answer? Citizens United is fine, but disclosure to the shareholders makes sense, so they can decide whether to stay invested.
Filed under Access, Board, Controls, Corporation, Culture, Culture, Duty, Employees, Governance, Inform shareholders, Internal controls, Investor relations, Ownership, To report
An employee leaves Company A and starts a new one, Company B, which is in turn acquired by Company C, a competitor of Company A. Company C develops a laser sensor for self-driving cars. Company A sues, alleging the employee downloaded 14,000 files before departing, including information about laser sensors and supplier lists and manufacturing details.
“Alphabet Sues Uber Over Trade Secrets,” The Wall Street Journal, February 24, 2017 B3.
How do you protect the company’s technology jewels? How do you limit and track access? How do you ensure that a new employee isn’t bringing something he or she shouldn’t have? How did the directors and managers allow this to happen, at both Company A and Company C? Is this information no longer a trade secret because Company A didn’t protect it well enough?
Filed under Access, Compliance, Compliance, Controls, Corporation, Duty, Duty of Care, Employees, Governance, Information, Internal controls, IT, Management, Managers, Oversight, Ownership, Protect, Protect assets, Security, Third parties
One aspect of information governance is who’s in charge? Who “governs,” and how?
“Scrutiny Of Voting Procedures Set to Soar,” The Wall Street Journal, October 27, 2016 A4. We could guess that a lot of folks would want to observe the US election process to make sure everything’s kosher. You’d guess a bunch of state authorities, the Department of Justice, and the various political parties and their respective surrogates. But the Organization of American States (40) and the Organization for Security and Cooperation in Europe (500+ observers) were invited by the State Department.
Why? What role do they have? Do they own the process? Do they report to someone who owns the process? (“They” could mean the OAS, the OSCE, or the State Department).